package com.atguigu.springsecurity.expression;

import com.atguigu.springsecurity.vo.LoginUserVo;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

@Component("ex") // 取名字后面好取出来
public class LemonExpression {

    public boolean hasAuthority(String authority){
        // 获取当前用户的权限
        // 获取到用户的权限
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUserVo loginUserVo = (LoginUserVo) authentication.getPrincipal();
        List<String> permissions = loginUserVo.getPermissions();

        // 判断用户权限集合中是否存在 authority
        return permissions.contains(authority);
    }

}
